Data Breach At SpyX Stalkerware Exposes Millions Of iPhone Users

Stalkerware apps are a silly concept. If you thought that you could install these apps without any consequence, then don’t be surprised if you find your information stolen and leaked on the internet. TechCrunch has recently uncovered a data breach that exposed records on nearly two million people linked to the SpyX iPhone stalkerware.

According to TechCrunch, the June 2024 breach remained unreported until now. There is also no indication that SpyX’s operators ever notified affected customers or their spyware targets. This is even scarier because SpyX is the 25th mobile surveillance operation since 2017 to experience a data breach. If this doesn’t put you off from using these kinds of stalkerware apps, we don’t know what will.

Security researcher Troy Hunt, who runs the data breach notification service Have I Been Pwned, confirmed the leak. He spotted two text files containing 1.97 million unique account records. The cache included associated email addresses, with the majority tied to SpyX. According to Hunt, about 40% of the leaked email addresses were already listed in Have I Been Pwned.

Hunt later confirmed the accuracy of the information with several Have I Been Pwned subscribers. Google has since removed a Chrome extension linked to SpyX.

Speaking to TechCrunch, Google spokesperson Ed Fernandez said, “Chrome Web Store and Google Play Store policies clearly prohibit malicious code, spyware and stalkerware, and if we find violations, we take appropriate action. If a user suspects their Google Account has been compromised, they should take recommended steps immediately to secure it.”

The danger of stalkerware

For those unfamiliar, stalkerware apps offer features that can track a person’s location and see the contents of their devices. That sounds like typical malware, except that stalkerware apps usually disguise themselves as parental control apps. They market themselves as apps that parents should use if they want to keep track of their kids. But they are invasive and collect a lot of unnecessary data.

In fact, SpyX isn’t the first stalkerware app to compromise the data of Android and iPhone users. Earlier, we reported on another similar app called Spyzie, whose breach leaked data on thousands of its users.